1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_SETTINGS_SERVICE_H_ 6 #define CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_SETTINGS_SERVICE_H_ 7 8 #include <deque> 9 #include <string> 10 #include <vector> 11 12 #include "base/basictypes.h" 13 #include "base/callback.h" 14 #include "base/compiler_specific.h" 15 #include "base/memory/ref_counted.h" 16 #include "base/memory/scoped_ptr.h" 17 #include "base/observer_list.h" 18 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" 19 #include "chromeos/dbus/session_manager_client.h" 20 #include "components/ownership/owner_settings_service.h" 21 #include "components/policy/core/common/cloud/cloud_policy_validator.h" 22 #include "crypto/scoped_nss_types.h" 23 #include "policy/proto/device_management_backend.pb.h" 24 25 namespace crypto { 26 class RSAPrivateKey; 27 } 28 29 namespace ownership { 30 class OwnerKeyUtil; 31 class PublicKey; 32 } 33 34 namespace chromeos { 35 36 class SessionManagerOperation; 37 38 // Deals with the low-level interface to Chromium OS device settings. Device 39 // settings are stored in a protobuf that's protected by a cryptographic 40 // signature generated by a key in the device owner's possession. Key and 41 // settings are brokered by the session_manager daemon. 42 // 43 // The purpose of DeviceSettingsService is to keep track of the current key and 44 // settings blob. For reading and writing device settings, use CrosSettings 45 // instead, which provides a high-level interface that allows for manipulation 46 // of individual settings. 47 // 48 // DeviceSettingsService generates notifications for key and policy update 49 // events so interested parties can reload state as appropriate. 50 class DeviceSettingsService : public SessionManagerClient::Observer { 51 public: 52 // Indicates ownership status of the device. 53 enum OwnershipStatus { 54 // Listed in upgrade order. 55 OWNERSHIP_UNKNOWN = 0, 56 OWNERSHIP_NONE, 57 OWNERSHIP_TAKEN 58 }; 59 60 typedef base::Callback<void(OwnershipStatus)> OwnershipStatusCallback; 61 62 // Status codes for Store(). 63 enum Status { 64 STORE_SUCCESS, 65 STORE_KEY_UNAVAILABLE, // Owner key not yet configured. 66 STORE_POLICY_ERROR, // Failure constructing the settings blob. 67 STORE_OPERATION_FAILED, // IPC to session_manager daemon failed. 68 STORE_NO_POLICY, // No settings blob present. 69 STORE_INVALID_POLICY, // Invalid settings blob. 70 STORE_VALIDATION_ERROR, // Unrecoverable policy validation failure. 71 STORE_TEMP_VALIDATION_ERROR, // Temporary policy validation failure. 72 }; 73 74 // Observer interface. 75 class Observer { 76 public: 77 virtual ~Observer(); 78 79 // Indicates device ownership status changes. 80 virtual void OwnershipStatusChanged() = 0; 81 82 // Gets call after updates to the device settings. 83 virtual void DeviceSettingsUpdated() = 0; 84 }; 85 86 // Manage singleton instance. 87 static void Initialize(); 88 static bool IsInitialized(); 89 static void Shutdown(); 90 static DeviceSettingsService* Get(); 91 92 // Creates a device settings service instance. This is meant for unit tests, 93 // production code uses the singleton returned by Get() above. 94 DeviceSettingsService(); 95 virtual ~DeviceSettingsService(); 96 97 // To be called on startup once threads are initialized and DBus is ready. 98 void SetSessionManager(SessionManagerClient* session_manager_client, 99 scoped_refptr<ownership::OwnerKeyUtil> owner_key_util); 100 101 // Prevents the service from making further calls to session_manager_client 102 // and stops any pending operations. 103 void UnsetSessionManager(); 104 session_manager_client()105 SessionManagerClient* session_manager_client() const { 106 return session_manager_client_; 107 } 108 109 // Returns the currently active device settings. Returns NULL if the device 110 // settings have not been retrieved from session_manager yet. policy_data()111 const enterprise_management::PolicyData* policy_data() { 112 return policy_data_.get(); 113 } 114 const enterprise_management::ChromeDeviceSettingsProto* device_settings()115 device_settings() const { 116 return device_settings_.get(); 117 } 118 119 // Returns the currently used owner key. 120 scoped_refptr<ownership::PublicKey> GetPublicKey(); 121 122 // Returns the status generated by the last operation. status()123 Status status() { 124 return store_status_; 125 } 126 127 // Triggers an attempt to pull the public half of the owner key from disk and 128 // load the device settings. 129 void Load(); 130 131 // Signs |settings| with the private half of the owner key and sends the 132 // resulting policy blob to session manager for storage. The result of the 133 // operation is reported through |callback|. If successful, the updated device 134 // settings are present in policy_data() and device_settings() when the 135 // callback runs. 136 void SignAndStore( 137 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> new_settings, 138 const base::Closure& callback); 139 140 // Sets the management related settings in PolicyData. 141 void SetManagementSettings( 142 enterprise_management::PolicyData::ManagementMode management_mode, 143 const std::string& request_token, 144 const std::string& device_id, 145 const base::Closure& callback); 146 147 // Stores a policy blob to session_manager. The result of the operation is 148 // reported through |callback|. If successful, the updated device settings are 149 // present in policy_data() and device_settings() when the callback runs. 150 void Store(scoped_ptr<enterprise_management::PolicyFetchResponse> policy, 151 const base::Closure& callback); 152 153 // Returns the ownership status. May return OWNERSHIP_UNKNOWN if the disk 154 // hasn't been checked yet. 155 OwnershipStatus GetOwnershipStatus(); 156 157 // Determines the ownership status and reports the result to |callback|. This 158 // is guaranteed to never return OWNERSHIP_UNKNOWN. 159 void GetOwnershipStatusAsync(const OwnershipStatusCallback& callback); 160 161 // Checks whether we have the private owner key. 162 bool HasPrivateOwnerKey(); 163 164 // Sets the identity of the user that's interacting with the service. This is 165 // relevant only for writing settings through SignAndStore(). 166 void InitOwner(const std::string& username, 167 const base::WeakPtr<ownership::OwnerSettingsService>& 168 owner_settings_service); 169 170 const std::string& GetUsername() const; 171 172 // Adds an observer. 173 void AddObserver(Observer* observer); 174 // Removes an observer. 175 void RemoveObserver(Observer* observer); 176 177 // SessionManagerClient::Observer: 178 virtual void OwnerKeySet(bool success) OVERRIDE; 179 virtual void PropertyChangeComplete(bool success) OVERRIDE; 180 181 private: 182 friend class OwnerSettingsServiceChromeOS; 183 184 // Enqueues a new operation. Takes ownership of |operation| and starts it 185 // right away if there is no active operation currently. 186 void Enqueue(SessionManagerOperation* operation); 187 188 // Enqueues a load operation. 189 void EnqueueLoad(bool force_key_load); 190 191 // Makes sure there's a reload operation so changes to the settings (and key, 192 // in case force_key_load is set) are getting picked up. 193 void EnsureReload(bool force_key_load); 194 195 // Runs the next pending operation. 196 void StartNextOperation(); 197 198 // Updates status, policy data and owner key from a finished operation. 199 // Starts the next pending operation if available. 200 void HandleCompletedOperation(const base::Closure& callback, 201 SessionManagerOperation* operation, 202 Status status); 203 204 // Updates status and invokes the callback immediately. 205 void HandleError(Status status, const base::Closure& callback); 206 207 // Called by OwnerSettingsService when sign-and-store operation completes. 208 void OnSignAndStoreOperationCompleted(Status status); 209 set_policy_data(scoped_ptr<enterprise_management::PolicyData> policy_data)210 void set_policy_data( 211 scoped_ptr<enterprise_management::PolicyData> policy_data) { 212 policy_data_ = policy_data.Pass(); 213 } 214 set_device_settings(scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> device_settings)215 void set_device_settings(scoped_ptr< 216 enterprise_management::ChromeDeviceSettingsProto> device_settings) { 217 device_settings_ = device_settings.Pass(); 218 } 219 220 SessionManagerClient* session_manager_client_; 221 scoped_refptr<ownership::OwnerKeyUtil> owner_key_util_; 222 223 Status store_status_; 224 225 std::vector<OwnershipStatusCallback> pending_ownership_status_callbacks_; 226 227 std::string username_; 228 scoped_refptr<ownership::PublicKey> public_key_; 229 base::WeakPtr<ownership::OwnerSettingsService> owner_settings_service_; 230 231 scoped_ptr<enterprise_management::PolicyData> policy_data_; 232 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> device_settings_; 233 234 // The queue of pending operations. The first operation on the queue is 235 // currently active; it gets removed and destroyed once it completes. 236 std::deque<SessionManagerOperation*> pending_operations_; 237 238 ObserverList<Observer, true> observers_; 239 240 // For recoverable load errors how many retries are left before we give up. 241 int load_retries_left_; 242 243 base::WeakPtrFactory<DeviceSettingsService> weak_factory_; 244 245 DISALLOW_COPY_AND_ASSIGN(DeviceSettingsService); 246 }; 247 248 // Helper class for tests. Initializes the DeviceSettingsService singleton on 249 // construction and tears it down again on destruction. 250 class ScopedTestDeviceSettingsService { 251 public: 252 ScopedTestDeviceSettingsService(); 253 ~ScopedTestDeviceSettingsService(); 254 255 private: 256 DISALLOW_COPY_AND_ASSIGN(ScopedTestDeviceSettingsService); 257 }; 258 259 } // namespace chromeos 260 261 #endif // CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_SETTINGS_SERVICE_H_ 262